<?php
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

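include ('inc/inc_head_db.php');
$db_prefix = DB_PREFIX;

//If user has finalised booking (no payment needed), mark as "payment received" and redirect to this page without query string
//Redirecting to this page without query string will mean that "you are fully booked" message is displayed
//
//The query string is supplied by the browser, so "pay=free" on its own says nothing about whether a payment
//is due. Before anything is written, the conditions under which this page offers the "Finalise booking" link
//are re-checked server-side: PayPal booking is in use, OOC and IC details are confirmed, payment is not
//already recorded, and the price configured for the player's booking type (with or without meal) is 0.00.
//NOTE(review): this assumes the links rendered further down this page are the only legitimate way to reach
//this handler - confirm that no other page links to start.php?pay=free.
//NOTE(review): the update is still triggered by a GET link, so a third-party page can cause a logged-in
//player's browser to request it. With the checks below that can only finalise a booking that really is free,
//but a POST form with an anti-CSRF token would be the proper fix (it needs the links changed as well).
$sPay = (isset ($_GET ['pay']) && is_string ($_GET ['pay'])) ? $_GET ['pay'] : '';
if ($sPay == 'free') {
	//$PLAYER_ID is presumably set by inc_head_db.php for the logged-in player (confirm).
	//The cast guarantees that only an integer is ever placed in the SQL text
	$iPlayerID = (int) $PLAYER_ID;
	$bMeal = (isset ($_GET ['meal']) && $_GET ['meal'] == 'yes');

	//Current booking state, used only for the eligibility check
	$sql_select = "SELECT bkDateOOCConfirmed, bkDateICConfirmed, bkDatePaymentConfirmed ";
	$sql_select .= "FROM {$db_prefix}bookings WHERE bkPlayerID = $iPlayerID";
	$aBooking = ba_db_fetch_assoc (ba_db_query ($link, $sql_select));

	//Player details: booking type for the eligibility check, name and address for the e-mail
	$sql_select = "SELECT plFirstName, plSurname, plEmail, plBookAs ";
	$sql_select .= "FROM {$db_prefix}players WHERE plPlayerID = $iPlayerID";
	$result = ba_db_query ($link, $sql_select);
	$row = ba_db_fetch_assoc ($result);

	$bEligible = False;
	if (USE_PAY_PAL === True && is_array ($aBooking) && is_array ($row)) {
		$bDetailsConfirmed = True;
		foreach (array ('bkDateOOCConfirmed', 'bkDateICConfirmed') as $sColumn)
			if ($aBooking [$sColumn] == '' || $aBooking [$sColumn] == '0000-00-00')
				$bDetailsConfirmed = False;
		$bUnpaid = ($aBooking ['bkDatePaymentConfirmed'] == '' || $aBooking ['bkDatePaymentConfirmed'] == '0000-00-00');

		//Price that applies to this request: option 2 of each booking type is the one whose link carries meal=yes
		$sAmount = '';
		if ($row ['plBookAs'] == 'Player')
			$sAmount = $bMeal ? PAYPAL_AMOUNT_P2 : PAYPAL_AMOUNT_P1;
		elseif ($row ['plBookAs'] == 'Monster')
			$sAmount = $bMeal ? PAYPAL_AMOUNT_M2 : PAYPAL_AMOUNT_M1;
		elseif ($row ['plBookAs'] == 'Staff')
			$sAmount = $bMeal ? PAYPAL_AMOUNT_S2 : PAYPAL_AMOUNT_S1;

		//Same comparisons the page uses when deciding to show "Finalise booking" instead of a PayPal button
		$bEligible = ($bDetailsConfirmed && $bUnpaid && $sAmount != '' && !($sAmount != '0.00'));
	}

	if ($bEligible) {
		//Run UPDATE query to set date payment received
		$sDate = date ('Y-m-d');
		$sql = "UPDATE {$db_prefix}bookings SET bkDatePaymentConfirmed = '$sDate'";
		if ($bMeal)
			$sql .= ", bkMealTicket = 1";
		$sql .= " WHERE bkPlayerID = $iPlayerID";
		ba_db_query ($link, $sql);

		//Send e-mail
		$sBody = "You have been marked as paid for the upcoming event.\n";
		$sBody .= "You are now fully booked.\n\nThank you.\n\n";
		$sBody .= "Player ID: " . PID_PREFIX . sprintf ('%03s', $PLAYER_ID) . "\n";
		$sBody .= "OOC Name: " . $row ['plFirstName'] . " " . $row ['plSurname'];
		//A stored address containing a line break would add extra header lines to the message, so it is not mailed
		if (!preg_match ('/[\r\n]/', (string) $row ['plEmail']))
			mail ($row ['plEmail'], SYSTEM_NAME . ' - marked paid', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
	}

	//Make up URL & redirect
	$sURL = SYSTEM_URL . 'start.php';
	header ("Location: $sURL");
	//Stop here: without this the rest of the page is still generated and sent along with the redirect
	exit;
}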

include ('inc/inc_head_html.php');
?>

<h1><?php echo TITLE?></h1>

<h2>Next Event: <?php echo EVENT_NAME?></h2>

<?php
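include ('inc/inc_event.php');
//NOTE(review): ANNOUNCEMENT_MESSAGE is written out unescaped - presumably admin-entered HTML; confirm it can only be set by admins
echo ANNOUNCEMENT_MESSAGE;

//Status messages handed over in the query string ("green" = success, "warn" = warning).
//Only a non-empty string is shown: a missing parameter no longer raises an undefined-index notice and an
//array-valued parameter (start.php?green[]=x) is ignored rather than being passed to htmlentities().
//htmlentities() keeps the text from being read as markup, but the wording is still chosen by whoever built the
//link and appears with the site's own styling. NOTE(review): passing a message code and looking the text up
//server-side would remove that.
foreach (array ('green', 'warn') as $sClass) {
	$sMessage = (isset ($_GET [$sClass]) && is_string ($_GET [$sClass])) ? $_GET [$sClass] : '';
	if ($sMessage != '')
		echo "<p class = '$sClass'>" . htmlentities ($sMessage) . "</p>\n";
}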
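//Collect the booking state that the rest of the page branches on:
//  $sOOC, $sDateIC, $sDateConfirm - dates on which OOC details, IC details and payment were confirmed
//  $iIC                          - number of character records the player has
//  $BookAs, $bOOC                - booking type, and whether any OOC data has actually been entered

//$PLAYER_ID is presumably set by inc_head_db.php for the logged-in player (confirm).
//It is interpolated into three queries, so it is forced to an integer first
$iPlayerID = (int) $PLAYER_ID;

//Get bookings details
$sql = "SELECT * FROM {$db_prefix}bookings WHERE bkPlayerID = $iPlayerID";
$result = ba_db_query ($link, $sql);
$row = ba_db_fetch_assoc ($result);
//A player without a bookings row is treated as "nothing confirmed yet" instead of indexing a non-array
if (!is_array ($row))
	$row = array ('bkDateICConfirmed' => '', 'bkDateOOCConfirmed' => '', 'bkDatePaymentConfirmed' => '');
$sDateIC = $row ['bkDateICConfirmed'];
$sOOC = $row ['bkDateOOCConfirmed'];
$sDateConfirm = $row ['bkDatePaymentConfirmed'];

//Check if player has entered IC & OOC data
$sql = "SELECT chName FROM {$db_prefix}characters WHERE chPlayerID = $iPlayerID";
$result = ba_db_query ($link, $sql);
$iIC = ba_db_num_rows ($result);

//Check for OOC data needs to check for some actual data, as a record will always exist
$sql = "SELECT plFirstName, plBookAs " .
	"FROM {$db_prefix}players WHERE plPlayerID = $iPlayerID";
$result = ba_db_query ($link, $sql);
$row = ba_db_fetch_assoc ($result);
if (!is_array ($row))
	$row = array ('plFirstName' => '', 'plBookAs' => '');
$BookAs = $row ['plBookAs'];
//A first name is taken as the sign that the OOC form has been filled in
$bOOC = ($row ['plFirstName'] != '');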

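//Introductory paragraph, then the OOC step of the booking process
echo "<p>\n";
echo "In order to book this event online you must confirm your OOC and IC information and then pay, either ";
if (USE_PAY_PAL)
	echo "via PayPal or ";
echo "by cheque, cash or postal order. Once your payment has been confirmed (by an admin) you will be listed in the booking list.\n";
echo "</p>\n<p>\n";

//OOC step has three states: nothing entered yet, entered but not confirmed, confirmed
$bOOCUnconfirmed = ($sOOC == '' || $sOOC == '0000-00-00');
if ($bOOCUnconfirmed && $bOOC === False)
	echo "<a href = 'ooc_form.php'>Enter OOC information</a><br>\n";
elseif ($bOOCUnconfirmed && $bOOC === True) {
	//$bBookingClosed is used to determine whether or not the desired booking type is closed.
	//If it is, the user gets the option to edit their OOC details to select a different booking type
	$bBookingClosed = False;
	//Check that bookings are still available
	//(the "closed" messages used to contain a stray </a> with no opening tag; it has been removed)
	if ($BookAs == 'Player' && ALLOW_PLAYER_BOOKINGS === False) {
		echo "<span class = 'sans-warn'>Character bookings are closed. You cannot book as a character for this event.</span>\n";
		$bBookingClosed = True;
	}
	elseif ($BookAs == 'Monster' && ALLOW_MONSTER_BOOKINGS === False) {
		echo "<span class = 'sans-warn'>Monster bookings are closed. You cannot book as a monster for this event.</span>\n";
		$bBookingClosed = True;
	}
	elseif ($BookAs == 'Staff' && ALLOW_STAFF_BOOKINGS === False) {
		echo "<span class = 'sans-warn'>Staff bookings are closed. You cannot book as staff for this event.</span>\n";
		$bBookingClosed = True;
	}
	else
		echo "<a href = 'ooc_view.php' class = 'sans-warn'>Confirm OOC information</a><br>\n";
	if ($bBookingClosed)
		echo " You may <a href = 'ooc_form.php'>edit your OOC information</a> to select a different booking type\n";
}
else
	echo "<a href = 'ooc_view.php'>OOC information has been confirmed</a><br>\n";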
?>
</p>

<p>
<?php
//IC step: the default link says the details are confirmed; while no confirmation date is stored it is
//replaced by "enter" (no character record yet) or "confirm" (at least one character record exists)
$sICLink = "<a href = 'ic_view.php'>IC information has been confirmed</a><br>\n";
if ($sDateIC == '' || $sDateIC == '0000-00-00') {
	if ($iIC == 0)
		$sICLink = "<a href = 'ic_form.php'>Enter IC information</a><br>\n";
	elseif ($iIC > 0)
		$sICLink = "<a href = 'ic_view.php' class = 'sans-warn'>Confirm IC information</a><br>\n";
}
echo $sICLink;
?>
</p>

<p>
<?php
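//PayPal links
//Each booking type (Player, Monster, Staff) has up to two priced options. An option whose amount is empty is
//not offered; an option priced 0.00 gets a "Finalise booking" link instead of a PayPal button.
//The six copies of the button form have been folded into one loop. That also fixes the second Monster option,
//which used to open <td> twice and close it twice.
//NOTE(review): the amount is sent to PayPal in a hidden form field, which the paying browser controls. The
//figure PayPal receives is therefore not authoritative, so whoever confirms a payment should compare the
//amount actually received with the configured price.
//NOTE(review): option names, amounts and PAYPAL_EMAIL are written into attribute values without escaping. They
//look like admin-set configuration; confirm that, as a value containing an apostrophe would break the markup.
//NOTE(review): the button image is requested over plain http, which is mixed content if the site is served over https.
if ($sOOC == '' || $sOOC == '0000-00-00' || $sDateIC == '' || $sDateIC == '0000-00-00')
	echo "You cannot pay until OOC and IC information is confirmed.<br>\n";
elseif (USE_PAY_PAL === True) {
	if ($sDateConfirm == '' || $sDateConfirm == '0000-00-00') {
		echo "To pay via PayPal, click on one of the buttons below. If a price is marked as &pound;0.00, clicking on the link will simply finalise your booking - no payment is required in this case.<br>";

		//Options for this player's booking type: item name, amount, link used when the amount is 0.00
		//(the second option of every type is the one that also sets the meal ticket)
		$aOptions = array ();
		if ($BookAs == "Player")
			$aOptions = array (
				array (PAYPAL_PLAYER_1, PAYPAL_AMOUNT_P1, 'start.php?pay=free'),
				array (PAYPAL_PLAYER_2, PAYPAL_AMOUNT_P2, 'start.php?pay=free&meal=yes'));
		elseif ($BookAs == "Monster")
			$aOptions = array (
				array (PAYPAL_MONSTER_1, PAYPAL_AMOUNT_M1, 'start.php?pay=free'),
				array (PAYPAL_MONSTER_2, PAYPAL_AMOUNT_M2, 'start.php?pay=free&meal=yes'));
		elseif ($BookAs == "Staff")
			$aOptions = array (
				array (PAYPAL_STAFF_1, PAYPAL_AMOUNT_S1, 'start.php?pay=free'),
				array (PAYPAL_STAFF_2, PAYPAL_AMOUNT_S2, 'start.php?pay=free&meal=yes'));

		//First row: one cell per available option holding the PayPal button or the "Finalise booking" link
		echo "<table><tr>\n";
		foreach ($aOptions as $aOption) {
			list ($sItemName, $sAmount, $sFreeLink) = $aOption;
			if ($sAmount == '')
				continue;
			echo "<td class = 'mid'>\n";
			if ($sAmount != '0.00') {
				echo "<form target='paypal' action='https://www.paypal.com/cgi-bin/webscr' method='post'>\n";
				echo "<input type='hidden' name='cmd' value='_xclick'>\n";
				echo "<input type='hidden' name='business' value='" . PAYPAL_EMAIL . "'>\n";
				//The player ID is appended to the item name so that a payment can be matched to a player
				echo "<input type='hidden' name='item_name' value='" . $sItemName .
					"(" . PID_PREFIX . sprintf ('%03s', $PLAYER_ID) . ")'>\n";
				echo "<input type='hidden' name='currency_code' value='GBP'>\n";
				echo "<input type='hidden' name='amount' value='" . $sAmount . "'>\n";
				echo "<input type='hidden' name='no_shipping' value='1'>\n";
				echo "<input type='image' src='http://images.paypal.com/images/x-click-but01.gif' name='submit' alt='Make payments with PayPal - fast, free and secure!'>\n";
				echo "</form>\n";
			}
			else
				echo "<a href = '$sFreeLink'>Finalise booking</a>";
			echo "</td>\n";
		}
		echo "</tr>\n";

		//Second row: name and price of each option, in the same order as the buttons above
		echo "<tr>\n";
		foreach ($aOptions as $aOption) {
			list ($sItemName, $sAmount) = $aOption;
			if ($sAmount != '')
				echo "<td class = 'mid'>" . $sItemName . ", &pound;" . $sAmount . "</td>\n";
		}
		echo "</tr></table>\n";
	}
	else
		echo "<span class = 'sans-green'>Receipt of your payment has been confirmed, and you are now fully booked.</span>";
}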
?>
</p>

<?php
include ('inc/inc_foot.php');
?>
